Cryptography accelerator interface decoupling from cryptography processing cores
Methods and apparatus are provided for decoupling a cryptography accelerator interface from cryptographic processing cores. A shared resource is provided at the cryptography accelerator interface having multiple input ports. References to data in the shared resource are provided to allow processing and ordering of data in preparation for processing by cryptographic processing cores without substantial numbers of separate buffers in the cryptographic processing data paths.
Latest Broadcom Corporation Patents:
This application claims priority under U.S.C. 119(e) from U.S. Provisional Application No. 60/434,745, filed Dec. 18, 2002, Entitled: Methods And Apparatus For Cryptography Accelerator Data Handling, by Mark Buer and Donald P. Matthews, the entirety of which is incorporated by reference for all purposes. The present application is also related to concurrently filed U.S. patent application Ser. No. 10/351,258 entitled Methods And Apparatus For Ordering Data In A Cryptography Accelerator, by Tim Paaske and Mark Buer, U.S. patent application Ser. No. 10/350,907 entitled Cryptography Accelerator Input Interface Data Handling, by Mark Buer and Don Matthews, and U.S. patent application Ser. No. 10/350,922, entitled Cryptography Accelerator Data Routing Unit, by Mark Buer and Don Matthews, the entireties of which are incorporated by reference for all purposes.
BACKGROUND OF THE INVENTION1. Field of the Invention
The present application relates to cryptography accelerators. More specifically, the present application relates to methods and apparatus for data handling in cryptography accelerators.
2. Description of Related Art
Conventional cryptography accelerators include a variety of mechanisms for managing the exchange of data with external devices. In many conventional implementations, specialized data handling mechanisms are configured for specific ports. Port buffers are preconfigured based on expected needs and requirements of particular ports and data path buffers are provided for implementation of cryptographic operations.
Mechanisms for performing cryptographic operations are described in Applied Cryptography, Bruce Schneier, John Wiley & Sons, Inc. (ISBN 0471128457), incorporated by reference in its entirety for all purposes. However, implementation of specialized data handling mechanisms for specific ports and providing buffers throughout a cryptography accelerator causes a variety of inefficiencies including data handling inefficiencies and inflexibility in managing different types of data.
It is therefore desirable to provide methods and apparatus for improving data handling with respect to some or all of the performance limitations noted above.
SUMMARY OF THE INVENTIONMethods and apparatus are provided for decoupling a cryptography accelerator interface from cryptographic processing cores. A shared resource is provided at the cryptography accelerator interface having multiple input ports. References to data in the shared resource are provided to allow processing and ordering of data in preparation for processing by cryptographic processing cores without substantial numbers of separate buffers in the cryptographic processing data paths.
In one embodiment, a cryptography accelerator is provided. The cryptography accelerator includes a plurality of input ports, a data input unit input controller, and policy security association lookup circuitry. The data input unit input controller is coupled to the plurality of input ports. The data input unit input controller is configured to write data blocks from the plurality of input ports into an input buffer and write entries corresponding to the data blocks into a buffer pointer table. Policy security association lookup circuitry is configured to receive header information and determine policy and security association information associated with the data blocks. The policy and security association information is forwarded with the data blocks to cryptographic processing cores.
In another embodiment, a method for data handling in a cryptography accelerator is provided. A plurality of data sequences is received at one of a plurality of input ports. The plurality of data sequences are into a shared resource. References to the data sequences are provided in the shared resource. The references identify the data sequences as well as the type of the data sequences. A policy security association lookup is performed to determine policy and security association information associated with the data sequences. The plurality of data sequences are forwarded along with policy and security association information to cryptographic processing circuitry.
In another embodiment, a cryptography accelerator is provided. The cryptography accelerator includes a plurality of input ports, a shared input buffer, a buffer pointer table, and policy security association lookup circuitry. The plurality of input ports are configured to receive data comprising header information and data blocks from entities external to the cryptography accelerator. The shared input buffer is associated with the plurality of input ports. The shared input buffer is configured to hold data blocks from the plurality of input ports. A buffer pointer table is associated with the plurality of input ports. The buffer pointer table has a plurality of entries configured to hold header information from the plurality of input ports. The plurality of entries reference data blocks in the shared input buffer. Policy security association lookup circuitry is configured to receive header information and determine policy and security association information associated with the data blocks. The policy and security association information is forwarded with the data blocks to cryptographic processing cores.
These and other features and advantages of the present invention will be presented in more detail in the following specification of the invention and the accompanying figures, which illustrate by way of example the principles of the invention.
The invention may best be understood by reference to the following description taken in conjunction with the accompanying drawings, which are illustrative of specific embodiments of the present invention.
The present application relates to implementing a cryptography accelerator. More specifically, the present application relates to methods and apparatus for providing a cryptography accelerator capable of performing secure session operations.
Reference will now be made in detail to some specific embodiments of the invention including the best modes contemplated by the inventors for carrying out the invention. Examples of these specific embodiments are illustrated in the accompanying drawings. While the invention is described in conjunction with these specific embodiments, it will be understood that it is not intended to limit the invention to the described embodiments. On the contrary, it is intended to cover alternatives, modifications, and equivalents as may be included within the spirit and scope of the invention as defined by the appended claims.
For example, the techniques of the present invention will be described in the context of a multiple port cryptography accelerator with multiple cores for performing particular cryptographic operations. However, it should be noted that the techniques of the present invention can be applied to a variety of different chip architectures that perform authentication and encryption operations in general. In the following description, numerous specific details are set forth in order to provide a thorough understanding of the present invention. The present invention may be practiced without some or all of these specific details. In other instances, well known process operations have not been described in detail in order not to unnecessarily obscure the present invention.
Although the processing unit 106 may be the central processing unit (CPU) of a system 100, it does not necessarily have to be the CPU. It can be one of a variety of processors in a multiprocessor system. In one example, a LAN interface 114 is provided to couple the processing system 100 to a local area network (LAN) to allow packet receipt and transmission. Similarly, a Wide Area Network (WAN) interface 112 can also be provided to connect the processing system to a WAN (not shown) such as the Internet. The WAN interface manages in-bound and out-bound packets to allow automatic decryption and authentication processing.
According to various embodiments, the cryptography accelerator 102 is an application specific integrated circuit (ASIC) coupled to the processor 106. The cryptography accelerator 102 can also be a programmable logic device (PLD), field programmable gate array (FPGA), or other device coupled to the processor 106. According to specific embodiments, the cryptography accelerator 102 is implemented either on a card connected to the bus 104 or as a standalone chip integrated in the system 100.
In other embodiments, the cryptography accelerator 102 itself is integrated into the processing core of a CPU of system 100, such as that available from Tensilica Corporation of Santa Clara, Calif. or ARC Cores of San Jose, Calif. In another embodiment, techniques and mechanisms of the present invention are integrated into a CPU such as a CPU available from Intel Corporation of San Jose, Calif. or AMD Corporation of Sunnyvale, Calif. By implementing cryptography accelerator functionality entirely on the processor 106, a separate card or chip in the system 100 is not needed. In still other embodiments, the processing system 100 including the cryptography accelerator 102 is implemented as a system on a chip (SOC). The network interfaces, memory, processing core, and cryptography accelerator functionality are provided on a single integrated circuit device.
The cryptography accelerator 102 is capable of implementing various network security standards, such as Secure Sockets Layer/Transport Layer Security (SSL/TLS), which provide application-transparent encryption and authentication services for network traffic. Network security standards such as SSL/TLS provide authentication through the use of hash algorithms and encryption through the use of encryption algorithms. Two commonly used hash algorithms are MD5 and the Secure Hash algorithm (SHA-1). Other hash algorithms such as MD4 and MD2 are also available. Two commonly used encryption algorithms are DES and RC4. Other encryption algorithms such as triple DES are also available. Authentication and encryption algorithms are described in Applied Cryptography, Bruce Schneier, John Wiley & Sons, Inc. (ISBN 0471128457), incorporated by reference in its entirety for all purposes.
According to various embodiments, the Gigabit MAC provides packet processing such as collision detection, back pressure, and error detection for received data. In one example, another port is a memory mapped port allowing the cryptography accelerator to obtain data from memory associated with the host. Each of the different ports may include buffers of various sizes. In one example, the buffer size is determined based on the expected packet size. For example, much larger buffers would have to be provided to hold incoming traffic for ports supporting 9 k byte packets than for ports that support only 2 k byte packets. In conventional implementations, a system designer would estimate optimal buffer sizes for the various ports. However, because each port maintains its own buffer, inefficiencies in buffer allocation can occur. Some port buffers may be underutilized while other ports receiving a large amount of traffic may not have sufficient buffer space.
In typical implementations, small buffers are also provided in data paths associated with cryptographic processing cores 217 and 209. These buffers are typically required to store data for various cryptography operations along various data paths. Having a large number of separate, fixed sized buffers leads to inefficiencies in both chip design, cost, and resource allocation. Consequently, the techniques of the present invention provide mechanisms for efficiently allocating a shared memory resource that can be optimized for different ports as well as for data paths associated with cryptographic operations.
The shared resource allows the decoupling of the interface from the various cryptographic processing cores. In one example, shared buffers are provided in both input interface 203 and output interface (not shown). The shared resource can be allocated and reallocated based on the particular specifications of the input and output ports.
Using information associated with the data, the data input unit 305 can then determine how the data should be processed. In one example, the data may require no processing at all, and may be forwarded to a bypass line 371 to allow output of the data from the cryptography accelerator 301 with substantially no cryptographic operations performed on the data. In typical implementations, the cryptography accelerator 102 includes multiple ports used for communication with external devices such as the processing unit 106 and system memory unit 108.
In a similar manner, the data input unit 303 may determine that the data from one of the input ports should be processed using one of the cryptographic processing core data paths 331, 333, 335, 337, 341, 343, 345, and 347. Any mechanism shared by various input ports to buffer and distribute data to various cryptographic processing data paths is referred to herein as a data input unit. According to various embodiments, the data input unit 303 determines whether to forward data to cryptographic processing core blocks 339 or 349 based on load information.
The data input unit 303 is configurable to provide buffering for all the different data has in the device. As noted above, in typical implementations, individual buffers were provided not only for the various ports in a cryptography accelerator, but also for the various data paths in a device. According to various embodiments, a single shared resource is provided in the data input unit to provide for buffering the various ports in the cryptographic accelerator and the various data paths in the cryptography accelerator.
In some embodiments, the cryptography accelerator 301 also includes a data routing unit 305 having multiple output ports 351, 353, 355, and 357. Any mechanism shared by output ports to buffer cryptographically processed data is referred to herein as a data routing unit. According to various embodiments, the data routing unit manages the ordering and delay of the data targeted at the various output ports. In typical embodiments, individual buffers were also associated with each of the various output ports. However, the techniques of the present invention provide a shared resource for the various output ports. According to various embodiments, the various ports are not configured with fixed size buffers and each of the ports can be modified to accommodate different types of traffic based on user needs. In one example, a particular output port may be configured to handle large size packets by allocating more buffer space in the data routing unit shared resource to that particular port.
According to various embodiments, blocks of pointers in the buffer pointer table 451 are allocated to the various input ports. The input controller 421 determines if any pointer associated with the input port is available. If a pointer associated with the input port is free or available, the data in the input port is forwarded to input buffer 441 and the pointer is assigned to the data block. In one implementation, an entry in the buffer pointer table 451 lists the free pointers available and their associated input ports. In another implementation, each entry is associated with a flag indicating if the pointer is being used and what port the pointer is associated with. If no pointers associated with the input port or available, the input controller does not hold data from the input port, as all buffer space allocated to the input port has been consumed. Any mechanism for tracking data blocks in a shared resource where the data blocks are destined for cryptographic processing is referred to herein as a buffer pointer table. Any mechanism for allocating the pointers in the buffer pointer table to various data blocks is referred to herein as an input controller 421.
When the input controller 421 has assigned data pointers from the buffer pointer table 451, a load distribution unit 461 can select data from the buffer pointer table entries. The order for all data on a particular port is maintained since the load distribution unit can be configured to select data in order from a single buffer pointer table 451. According to various embodiments, load distribution unit 461 can select data referenced by the buffer pointer table 451 using a variety of mechanisms. In one example, the load distribution unit 461 selects data from ports that have consumed all allocated buffer space. The load distribution unit can also select data entries if the data entries are entire packets. In another example, load distribution unit can select data in round-robin fashion. The load distribution unit also be configured to identify data associated with cryptographic processing.
As will be appreciated, a data destined for cryptographic processing is often processed based on information associated with the data block. In one example, a data block is processed after obtaining security association information associated with the data block. The security association information includes keys such as session keys, initialization vectors, and the particular algorithms needed to process the data. Security association data is often determined using combinations of source and destination addresses and source and destination port numbers. For example, a packet with a source of A and a destination of B may be determined to need triple DES processing, MD5 authentication, and a session key available to the cryptographic processing core from a particular memory address. The load distribution unit 461 identifies information needed for cryptographic processing of the data and provides a pointer to the information. In many instances, the pointer is a pointer to the header of a packet stored in the input buffer 441.
According to various embodiments, the load distribution unit 461 passes information to target list 471. In one example, target list 471 includes multiple lists, each list associated with a particular data path. One list may be associated with bypass data that should be passed through the cryptography accelerator substantially without processing. Other lists may be associated with public key operation data paths. In one example, a modular exponentiation unit list is provided for performing modulus operations on data in the input buffer 441. Still other lists include pointers to data blocks in buffer memory 441 requiring processing by one of the cryptographic accelerator course. The data pointer lists are associated with a header pointer list that identifies how to derive information such as security association information for processing the data corresponding to the pointers in the data pointer list. The output controller 481 is responsible for forwarding data associated with the pointers in the target list to the various data paths. Typically, data associated with each of the lists in the target list 471 is pulled in round-robin fashion. In one example data associated with each list gets the same amount of bandwidth out of the input buffer 441.
The input buffer allows storage of information for use in various cryptographic operations as well as the allocation of memory to various ports as provided by the buffer pointer table 451.
It should be noted that much of the load distribution processing and the data path decision processing is performed using pointers to blocks of memory in the input buffer. In a cryptography processing context, this provides important benefits including the capability to process data and associated security association information along data paths where the data paths can be implemented substantially without data path buffers.
Consequently, merge data unit buffer lists 621 and 623 are linked to policy security association lookup unit header list 631. When a pointer is provided to merge data unit buffer list 621, a pointer is also provided to policy security association lookup unit header list 631. The merge data unit buffer list 621 pointer allows later combination of data with security association information extracted from a policy security association lookup unit. When the data is combined with the security association information, the data can be processed using one of a number of cryptographic processing cores.
In one example, the policy security association lookup unit 791 uses the information in the security association handle 715 to identify security association information. The information identified can be used for both inbound and outbound packets to allow the packets to be classified into flows. In one instance, the security association handle 715 includes up to 2 k of the header of the associated packet. The policy security association lookup unit then issues a security association update 717 to modify data such as sequence numbers associated with a flow.
The policy security association lookup unit 791 acquires security association data 721 and passes the security association data 725 to a merge data unit 793. The merge data unit 793 combines the security association data 723 with the data 711 and header 713. It should be noted that the policy security association lookup unit processing may vary depending on whether the packet is an inbound packet or an outbound packet. For an outbound packet, the policy security association lookup unit may also be responsible for determining header information such as outer IP header information. For an inbound packet, the outer IP header information is included in the data 711 and header information 713. Various types of error checking can also be performed by the policy security association lookup unit 791 to determine that the flow referenced by a security association handle 715 is a valid one.
It should be noted that each merge data unit 793 can then pass the combined data to one of multiple cryptography processing core data paths. In one example, two merge data units are provided in a cryptography accelerator having a data input unit and eight processing cores. The two merge data units are also associated with a single policy security association lookup unit. Each merge data is coupled to four cryptographic cores. In some examples, each merge data unit would select one of the four cryptographic processing cores to handle data based on load.
According to various embodiments, the load distributor schedules data sequences by scheduling the pointers in the buffer pointer table. At 811, the load distributor provides a pointer to a policy security association lookup unit list. It should be noted that some data sequences may require no cryptographic core processing and may instead be provided to a bypass list or a public key processing list. At 813, the output controller pulls data from the input buffer along with any associated policy security association lookup unit header information. The output controller pulls data from the input buffer based on pointers provided in a target list. At 815, the policy security association lookup is performed using information such as header information associated with the data sequence. At 821, a merge data unit combines the data sequence with the results of a policy security association lookup. At 823, input buffer memory and any associated free pointers are returned.
According to various embodiments, the input controller 921 writes data blocks to buffer memory and data block pointers to a buffer pointer table 951 in the order that the input controller receives them. In one example, pointers to blocks 1, 2, and 4 may be placed into a first port buffer list while pointers to blocks 3 and 5 may be placed in a second port buffer list. A routing unit 961 recognizes the ordering and pulls pointers in order and places the pointers in the target list 971. In many implementations, the target list 971 includes lists of pointers each associated with the various output ports. In one example, lists of pointers are provided in target list 971. In one example, four lists of pointers correspond to output ports 911, 913, 915, and 917. Each pointer in the target list 971 corresponds to a block in output buffer 991. It should be noted that in the data input unit, the pointers in the buffer pointer table are allocable to the various input ports based on the particular needs and requirements of the input ports.
In the data routing unit, however, the pointers in the target list 971 are allocable to the various output ports based upon the needs and requirements of the various output ports. In one example, output port 911 may be configured to support large packets. Consequently, the large number of output buffer memory manager 991 would be allocated to output port 911. In one example, the routing unit 961 would pull a first block pointer associated with a flow and place the pointer into a buffer list associated with a Gigabit MAC output port. The routing unit 961 would not pull another block from that particular flow until the second block pointer is pulled. In this manner, the routing unit 961 can pull data blocks in order from the buffer pointer table even if the blocks of data came from different data paths in the cryptographic accelerator.
It should be noted that although the blocks on a particular data path will typically be in order, the blocks received from multiple data paths by the input controller will not necessarily be in order. That is, blocks 3 and 5 in a sequence may be received along a data path before blocks 1, 2 and 4 are received from another data path. The routing unit 961 pulls pointers to data blocks in order from the buffer pointer table and places them in an output port list in the target list 971. The output controller 981 uses the pointers in the target list 971 to identify data blocks in the output buffer 991 to forward to the output ports.
While the invention has been particularly shown and described with reference to specific embodiments thereof, it will be understood by those skilled in the art that changes in the form and details of the disclosed embodiments may be made without departing from the spirit or scope of the invention. It is therefore intended that the invention be interpreted to include all variations and equivalents that fall within the true spirit and scope of the present invention.
Claims
1. A cryptography accelerator, comprising:
- a plurality of input ports configured to receive data comprising header information and data blocks;
- a plurality of cryptographic processing cores, each cryptographic processing core having a plurality of data paths;
- an input buffer coupled to the plurality of input ports and cryptographic processing cores, wherein the input buffer is shared by the plurality of input ports and the plurality of data paths associated with each cryptographic processing core in the plurality of cryptographic processing cores;
- an input controller coupled to the plurality of input ports, wherein the input controller dynamically allocates resources of the input buffer to the plurality of input ports and to the plurality of data paths associated with each cryptographic processing core in the plurality of cryptographic processing cores; and
- wherein the shared input buffer is dynamically allocable by varying a number of entries in a buffer pointer table allocated to each of the plurality of ports.
2. The cryptography accelerator of claim 1, wherein policy and security association information is extracted based on source and destination addresses and source and destination ports of the data blocks.
3. The cryptography accelerator of claim 1, wherein policy and security association information comprises key and algorithm information.
4. The cryptography accelerator of claim 1, wherein the plurality of input ports comprise a streaming interface port.
5. The cryptography accelerator of claim 4, wherein the plurality of input ports further comprise a memory mapped port.
6. The cryptography accelerator of claim 1, wherein the buffer pointer table comprises a plurality of pointers.
7. The cryptographic accelerator of claim 1, further comprising:
- policy security association lookup circuitry configured to receive header information and determine policy and security association information associated with the data blocks, wherein the policy and security association information is forwarded with the data blocks to cryptographic processing cores.
8. The cryptography accelerator of claim 7, wherein the policy security association lookup circuitry receives a pointer to header information.
9. A cryptography accelerator comprising:
- a plurality of input ports configured to receive data comprising header information and data blocks;
- a plurality of cryptographic processing cores; an input buffer coupled to the plurality of input ports and cryptographic processing cores, wherein the input buffer is shared by the plurality of input ports and the plurality of cryptographic processing cores;
- an input controller coupled to the plurality of input ports, wherein the input controller dynamically allocates resources of the input buffer to the plurality of input ports and the plurality of cryptographic processing cores; and
- a buffer pointer table associated with the plurality of input ports, the buffer pointer table having a plurality of entries configured to hold header information from the plurality of input ports, the plurality of entries referencing data blocks in the shared input buffer.
10. The cryptography accelerator of claim 9, further comprising:
- a data input unit load distributor configured to select entries from the buffer pointer table.
11. The cryptography accelerator of claim 10, further comprising:
- an output controller configured to receive buffer pointer table entries from the load distributor, pull data blocks corresponding to the entries from the input buffer, and forward the data blocks to a plurality of data paths associated with the plurality of cryptographic processing cores.
12. The cryptography accelerator of claim 11, further comprising a merge data unit coupled to the output controller and the policy security association lookup circuitry, wherein the merge data unit is configured to wait for the policy and security association information and the corresponding data block before forwarding the policy and security association information along with the data block to a cryptographic processing core.
13. The cryptographic accelerator of claim 7, wherein the input controller is configured to write data blocks from the plurality of input ports into the input buffer and write entries corresponding to the data blocks into the buffer pointer table.
14. A method for data handling in a cryptography accelerator having a plurality of input ports and a plurality of cryptographic processing cores, comprising:
- each cryptographic processing core having a plurality of data paths;
- receiving data at the plurality of input ports; dynamically allocating space in an input buffer shared by the plurality of input ports and the plurality of data paths associated with each cryptographic processing core in the plurality of cryptographic processing cores to the received data; and
- allocating space in the shared input buffer to data used by the a data path associated a cryptographic processing core to process the received data; and
- wherein the input buffer is dynamically allocated by varying the number of entries in a buffer pointer table allocated to each of the plurality of input ports.
15. The method of claim 14, wherein the shared resource is a buffer shared by the plurality of input ports.
16. The method of claim 14, wherein the references are pointers to entries in the shared resource.
17. The method of claim 16, wherein the references are included in a buffer pointer table.
18. The method of claim 17, wherein the shared resource can be allocated based on needs of particular input ports.
19. A method for data handling in a cryptography accelerator having a plurality of input ports and a plurality of cryptographic processing cores comprising:
- receiving data at the plurality of input ports;
- dynamically allocating space in an input buffer shared by the plurality of input ports and the plurality of cryptographic processing cores to the received data;
- allocating space in the shared input buffer to data used by the cryptographic processing core to process the received data;
- providing references to the received data in the shared input buffer, wherein the references identify the received data as well as the type of the received data;
- performing a policy security association lookup to determine policy and security association information associated with the received data; and
- forwarding the received data along with policy and security association to the plurality of cryptographic processing cores.
20. A cryptography accelerator, comprising:
- a plurality of input ports configured to receive data comprising header information and data blocks;
- a plurality of cryptographic processing cores, each cryptographic processing core having a plurality of data paths;
- a bypass line coupling the plurality of input ports to a plurality of output ports;
- an input buffer coupled to the plurality of input ports and cryptographic processing cores, wherein the input buffer is shared by the plurality of
- input ports and the plurality of data paths associated with each cryptographic processing core in the plurality of cryptographic processing cores;
- an input controller coupled to the plurality of input ports, wherein the input controller dynamically allocates resources of the input buffer to the plurality of input ports and to the plurality of data paths associated with each cryptographic processing core in the plurality of cryptographic processing cores; and
- a target list having a bypass list associated with data blocks to be passed through the cryptography accelerator without cryptographic processing.
21. A cryptography accelerator, comprising:
- a plurality of input ports configured to receive data comprising header information and data blocks;
- a plurality of cryptographic processing cores;
- a bypass line coupling the plurality of input ports to a plurality of output ports;
- an input buffer coupled to the plurality of input ports and cryptographic processing cores, wherein the input buffer is shared by the plurality of input ports and the plurality of cryptographic processing cores and wherein the input buffer is dynamically allocated by varying the number of entries in a buffer pointer table allocated to each of the plurality of input ports;
- an input controller coupled to the plurality of input ports, wherein the input controller dynamically allocates resources of the input buffer to the plurality of input ports and the plurality of cryptographic processing cores; and
- a target list having a bypass list associated with data blocks to be passed through the cryptography accelerator without cryptographic processing.
4491909 | January 1, 1985 | Shimizu |
4774706 | September 27, 1988 | Adams |
RE33189 | March 27, 1990 | Lee et al. |
5161193 | November 3, 1992 | Lampson et al. |
5297206 | March 22, 1994 | Orton |
5329623 | July 12, 1994 | Smith et al. |
5365589 | November 15, 1994 | Gutowitz |
5471482 | November 28, 1995 | Byers et al. |
5631960 | May 20, 1997 | Likens et al. |
5734829 | March 31, 1998 | Robinson |
5751809 | May 12, 1998 | Davis et al. |
5796744 | August 18, 1998 | Krawczak et al. |
5796836 | August 18, 1998 | Markham |
5809147 | September 15, 1998 | De Lange et al. |
5867706 | February 2, 1999 | Martin et al. |
5870474 | February 9, 1999 | Wasilewski et al. |
5870479 | February 9, 1999 | Feiken et al. |
5933503 | August 3, 1999 | Schell et al. |
5936967 | August 10, 1999 | Baldwin et al. |
5943338 | August 24, 1999 | Duclos et al. |
5949881 | September 7, 1999 | Davis |
5953416 | September 14, 1999 | Hasebe et al. |
5983350 | November 9, 1999 | Minear et al. |
6003135 | December 14, 1999 | Bialick et al. |
6038551 | March 14, 2000 | Barlow et al. |
6069957 | May 30, 2000 | Richards |
6101255 | August 8, 2000 | Harrison et al. |
6111858 | August 29, 2000 | Greaves et al. |
6115816 | September 5, 2000 | Davis |
6157955 | December 5, 2000 | Narad et al. |
6189100 | February 13, 2001 | Barr et al. |
6216167 | April 10, 2001 | Momirov |
6226710 | May 1, 2001 | Melchior |
6269163 | July 31, 2001 | Rivest et al. |
6295602 | September 25, 2001 | Weissman et al. |
6295604 | September 25, 2001 | Callum |
6320964 | November 20, 2001 | Callum |
6327625 | December 4, 2001 | Wang et al. |
6349405 | February 19, 2002 | Welfeld |
6378072 | April 23, 2002 | Collins et al. |
6393026 | May 21, 2002 | Irwin |
6393564 | May 21, 2002 | Kanemitsu et al. |
6421730 | July 16, 2002 | Narad et al. |
6477646 | November 5, 2002 | Krishna et al. |
6484257 | November 19, 2002 | Ellis |
6493347 | December 10, 2002 | Sindhu et al. |
6529508 | March 4, 2003 | Li et al. |
6701432 | March 2, 2004 | Deng et al. |
6704871 | March 9, 2004 | Kaplan et al. |
6708273 | March 16, 2004 | Ober et al. |
6751677 | June 15, 2004 | Ilnicki et al. |
6751728 | June 15, 2004 | Gunter et al. |
6760444 | July 6, 2004 | Leung |
6778495 | August 17, 2004 | Blair |
6791947 | September 14, 2004 | Oskouy et al. |
6807183 | October 19, 2004 | Chow et al. |
6831979 | December 14, 2004 | Callum |
6862278 | March 1, 2005 | Chang et al. |
6909713 | June 21, 2005 | Magnussen et al. |
6963979 | November 8, 2005 | Fairclough et al. |
6981140 | December 27, 2005 | Choo |
6983366 | January 3, 2006 | Huynh et al. |
6983374 | January 3, 2006 | Hashimoto et al. |
6996842 | February 7, 2006 | Strahm et al. |
7003118 | February 21, 2006 | Yang et al. |
7005733 | February 28, 2006 | Kommerling et al. |
7017042 | March 21, 2006 | Ziai et al. |
7020137 | March 28, 2006 | Kadambi et al. |
7039641 | May 2, 2006 | Woo |
7055029 | May 30, 2006 | Collins et al. |
7062657 | June 13, 2006 | Law |
7086086 | August 1, 2006 | Ellis |
7191341 | March 13, 2007 | Paaske et al. |
7266703 | September 4, 2007 | Anand et al. |
20020001384 | January 3, 2002 | Buer et al. |
20020004904 | January 10, 2002 | Blaker et al. |
20020009076 | January 24, 2002 | Engbersen et al. |
20020039418 | April 4, 2002 | Dror et al. |
20020044649 | April 18, 2002 | Gallant et al. |
20020057796 | May 16, 2002 | Lambert et al. |
20020078342 | June 20, 2002 | Matthews, Jr. |
20020085560 | July 4, 2002 | Cathey et al. |
20020097724 | July 25, 2002 | Halme et al. |
20020108048 | August 8, 2002 | Qi et al. |
20020165718 | November 7, 2002 | Graumann et al. |
20020191790 | December 19, 2002 | Anand et al. |
20030005144 | January 2, 2003 | Engel et al. |
20030014627 | January 16, 2003 | Krishna et al. |
20030023846 | January 30, 2003 | Krishna et al. |
20030041252 | February 27, 2003 | Fung et al. |
20030046423 | March 6, 2003 | Narad et al. |
20030084308 | May 1, 2003 | Van Rijnswou |
20030084309 | May 1, 2003 | Kohn |
20040039936 | February 26, 2004 | Lai |
20040054914 | March 18, 2004 | Sullivan |
20040083375 | April 29, 2004 | Foster et al. |
20040098600 | May 20, 2004 | Eldeeb |
20040123096 | June 24, 2004 | Buer et al. |
20040123120 | June 24, 2004 | Buer et al. |
20040123123 | June 24, 2004 | Buer et al. |
0876026 | November 1998 | EP |
1132800 | September 2001 | EP |
WO 01/80483 | October 2001 | WO |
WO 02/41599 | May 2002 | WO |
- Erich Nahum, David J. Yates, Sean O'Malley, Hilarie Orman, and Richard Schroeppel; “Parallelized Network Security Protocols”; 1996 IEEE; pp. 145-154.
- Krishna et al., “Classification Engine in a Cryptography Acceleration Chip”, U.S. Appl. No. 09/610,722, filed Jul. 6, 2000, 43 pgs.
- Krishna et al., “Distributed Processing in a Cryptography Acceleration Chip”, U.S. Appl. No. 09/610,798, filed Jul. 6, 2000, 44 pgs.
- Deepakumara, J. et al., “FPGA Implementation of MD5 Hash Algorithm,” Conference Proceedings of the Canadian Conference on Electrical and Computer Engineering, vol. II, pp. 919-924, May 13-16, 2001.
- Burnside, M. and Keromytis, A.D., “Accelerating Application-Level Security Protocols,” The 11th IEEE International Conference on Networks, pp. 313-318, Sep. 28-Oct. 1, 2003.
- Jiang, S. et al., “Securing Web Servers against Insider Attack,” Proceedings 17th Annual Computer Security Applications Conference, pp. 265-276, Dec. 10-14, 2001.
- “Server ECS”, Mar. 9, 1998, [Retrieved from Internet Sep. 2, 2004], “http://home.expertcanmore.net/expert/servers.htm”.
- IPSec Overview, Jun. 5, 2001, [Retrieved from Internet Sep. 2, 2004], “http://forsitesolutions.com/Techstuff/freeswan/inside—overview.html.”.
- “RFC 2402”, Oct. 1998, [Retrieved from Internet Sep. 3, 2004], “http://www.ietf.org/rfc/rfc2402.txt?number=2402”.
- Secure Products VMS115, VLSI Technology, Inc., Printed in USA, Document Control: VMS115, VI, 0, Jan. 1999, pp. 1-2.
- VMS 115 Data Sheet, VLSI Technology, Inc., a subsidiary of Philips Semiconductors, Revision 2:3, Aug. 10, 1999, pp. 1-64.
- Data Sheet 7751 Encryption Processor, Network Security Processors, Jun. 1999, pp. 1-84.
- Senie, D., “NAT Friendly Application Design Guidelines”, Amaranth Networks, Inc., NAT Working Group, Internet-Draft, Sep. 1999, pp. 1-7.
- Floyd, S. and Jacobson, V., “Random Early Detection Gateways for Congestion Avoidance”, IEEE/ACM Transactions on Networking, vol. 1, No. 4, Aug. 1993, pp. 397-413.
- Egevang, K. and Francis, P., “The IP Network Address Translator (NAT)”, Network Working Group, Request for Comments: 1631, May 1994, pp. 1-10.
- Pall, G. S. and Zorn, G., “Microsoft Point-to Point Encryption (MPPE) Protocol”, Microsoft Corporation, Network Working Group, Internet Draft, Updates: RFC 2118, Oct. 1999, pp. 1-12.
- Deutsch, P., “DEFLATE Compressed Data Format Specification Version 1.3”, Aladdin Enterprises, Network Working Group, Request for Comments: 1951, May 1996, pp. 1-17.
- Kent, S. and Atkinson, R., “IP Authentication Header”, Network Working Group, Request for Comments: 2402, printed from http://www.ietf.org/rfc/rfc2402.txt?number=2402, Nov. 1998, 21 pages.
- Kent, S. and Atkinson, R., “IP Encapsulating Security Payload (ESP)”, Network Working Group, Request for Comments: 2406, printed from http:www.ietf.org/rfc/rfc2406.txt?number=2406, Nov. 1998, 21 pages.
- Maughan, D. et al., “Internet Security Association and Key Management Protocol (ISAKMP)”, Network Working Group, Request for Comments: 2408, Nov. 1998, pp. 1-20.
- Harkins, D. et al., “The Internet Key Exchange (IKE)”, Cisco Systems, Network Working Group, Request for Comments: 2409, Nov. 1998, pp. 1-12.
- Srisuresh, P., “Security Model with Tunnel-mode IPsec for NAT Domains”, Lucent Technologies, Network Working Group, Request for Comments: 2709, Oct. 1999, pp. 1-11.
- Shenker, S. et al., “Specification of Guaranteed Quality of Service”, Network Working Group, Request for Comments: 2212, Sep. 1997, pp. 1-20.
- Srisuresh, P. and Holdrege, M., “IP Network Address Translator (NAT) Terminology and Considerations”, Lucent Technologies, Network Working Group, Request for Comments: 2663, Aug. 1999, pp. 1-30.
- Kent, S., and Atkinson, R., “Security Architecture for the Internet Protocol”, Network Working Group, Request for Comments: 2401, Nov. 1998, pp. 1-66.
- Compression for Broadband Data Communications, BlueSteel Networks, Inc., Sep. 8, 1999, pp. 1-9.
- Securing and Accelerating e-Commerce Transactions, BlueSteel Networks, Inc., Revision 2.0, Oct. 20, 1999, pp. 1-7.
- Securing Broadband Communications, By BlueSteel Networks, Inc., Sep. 8, 1999, pp. 1-10.
- Keromytis, A.D. et al., “Implementing IPsec”, Global Telecommunications Conference (Globecom), IEEE, Nov. 3, 1997, pp. 1948-1952.
- Pierson, L.G. et al., “Context-Agile Encryption for High Speed Communication Networks”, Computer Communications Review, Association for Computing Machinery, vol. 29, No. 1, Jan. 1999, pp. 35-49.
- Sholander, P. et al.,. “The Effect of Algorithm-Agile Encryption on ATM Quality of Service”, Global Telecommunications Conference (Globecom), IEEE, Nov. 3, 1997, pp. 470-474.
- Smirni, E. et al., “Evaluation of Multiprocessor Allocation Policies”, Technical Report, Vanderbilt University, Online, 1993, pp. 1-21.
- Tarman, T.D. et al., “Algorithm-Agile Encryption in ATM Networks”, IEEE Computer, Sep. 1998, vol. 31, No. 1, pp. 57-64.
- Wassal, A.G. and Hasan, M.A., “A VLSI Architecture for ATM Algorithm-Agile Encryption”, Proceedings Ninth Great Lakes Symposium on VLSI, Mar. 4-6, 1999, pp. 325-328.
- Analog Devices: “Analog Devices and IRE Announce First DSP-Based Internet Security System-On-A-Chip”, Analog Devices Press Release, Online, Jan. 19, 1999, pp. 1-3, printed from http://content.analog.com/pressrelease/prdisplay/0,1622,16,00.html.
- 3Com: “3Com Launches New Era of Network Connectivity”, 3Com Press Release, Jun. 14, 1999, pp. 1-3.
- Analog Devices: ADSP2141 SafeNetDPS User's Manual, Revision 6, Analog Devices Technical Specifications, Mar. 2000, XP002163401, pp. i-v and 1-82.
- Madson, C. and Glenn, R., “RFC 2403- The Use of HMAC-MD5-96 within ESP and AH”, IETF Request for Comments: 2403, Nov. 1998, printed from http://csrc.nist.gov/ipsec/papers/rfc2403-hmacmd5.txt, 7 Pages.
- Kent, S. and Atkinson, R., “RFC 2406-IP Encapsulating Security Payload (ESP)”, IETF Request for Comments: 2406, Nov. 1998, Retrieved from the Internet and Mar. 20, 2001, http://www.faqs.org/rfcs/frc2406.html, 5 Pages.
- Sedgewick, R., Algorithms in C—Third Edition, 1998, Addison Wesley, XP002163543, pp. 573-608.
- Schneider, B., Applied Cryptography, Second Edition, 1996, John Wiley & Sons, New York, cited in the application, p. 442, paragraph 18.7—p. 445 (pp. 436-445 enclosed).
- Stallings, W., “SHA: The Secure Hash Algorithm,”Dr. Dobb's Journal, Apr. 1994, pp. 32 and 34.
- European Search Report, from European Patent Appl. No. 03029195.9, 3 pages, dated Nov. 2, 2005.
- Final Rejection completed for U.S. Appl. No. 10/350,907 by Examiner Zachary A. Davis, mailed on Aug. 15, 2008, 17 pages.
Type: Grant
Filed: Jan 23, 2003
Date of Patent: Jul 28, 2009
Patent Publication Number: 20040123119
Assignee: Broadcom Corporation (Irvine, CA)
Inventors: Mark Buer (Gilbert, AZ), Donald P. Matthews (Morgan Hill, CA)
Primary Examiner: Emmanuel L Moise
Assistant Examiner: Techane J Gergiso
Attorney: Sterne Kessler Goldstein & Fox, PLLC
Application Number: 10/350,902
International Classification: G06F 11/30 (20060101); H04L 9/00 (20060101); H04L 12/28 (20060101);